Overview:

Introducing the all-new Sophos Intercept X

Stop Ransomware Before It Takes Your Files Hostage

Ransomware is the number one malware attack affecting organizations today. It encrypts your files and holds them hostage until the ransom is paid, causing massive disruption to business productivity.

Sophos Intercept X features CryptoGuard, which prevents the malicious spontaneous encryption of data by ransomware-even trusted files or processes that have been hijacked. And once ransomware gets intercepted, CryptoGuard reverts your files back to their safe states.

Root Cause Analysis Provides Insight on Threats

You've been hit! How did it get in, where did it go, what else did it touch and-most importantly-what should you do now? We've got you covered.

Exploit Prevention Stops Modern Threats

The unique technologies of Sophos Intercept X are designed to stop attackers before they have a chance to throw their first punch.

Rather than examining hundreds of millions of known malware samples, Intercept instead focuses on the relatively small collection of techniques used to spread malware. This way, we can ward off zero-day attacks without having even seen them first.

So Fresh and So Clean

Along with Intercept X we provide a powerful virus cleaner. While most traditional virus cleaners simply remove offending malware files, Sophos Clean goes the extra mile by eradicating the malicious code and registry keys created by malware as well. It'll be like your machine was never infected in the first place.

ESG Lab First Look: Intercept X

"ESG Lab found Sophos Intercept X to be simple enough for an IT generalist, while providing features and functionality advanced enough for the professional security analyst."

Features:

Highlights

Anti-exploit zero-day
defense

Anti-ransomware
CryptoGuard technology

Root cause analysis

Lingering malware removal
with Sophos Clean

Augments your existing
antivirus investment

We have good news and bad news...

SE Labs puts Sophos Intercept X Advanced to the test

Build Your Next-Gen Endpoint Protection
The days of straightforward file scanning are long gone. Your goal is now to prevent
threats from reaching your devices, stop them before they run, detect them if they
have bypassed preventative methods, and not just clean up malware, but analyze and
undo everything it does to your endpoints.

Protect Vulnerable Software
Anti-exploit technology stops threats before they become an issue by recognizing and
blocking common malware delivery techniques, thus protecting your endpoints from
unknown threats and zero-day vulnerabilities.

Effective Ransomware Detection
CryptoGuard technology detects spontaneous malicious data encryption to stop
ransomware in its tracks. Even if trusted files or processes are abused or hijacked,
Sophos Endpoint Protection will stop and revert them without any interaction from
users or IT support personnel. CryptoGuard works silently at the file system level,
keeping track of remote computers and local processes that attempt to modify your
documents and other files.

Root Cause Analysis
Identifying malware and isolating and removing it solves the immediate problem.
But do you really know what the malware did before it was removed, or how it was
introduced in the first place? Root cause analysis shows you all the events that led up
to a detection. You'll be able to understand what files, processes, and registry keys were
touched by the malware and activate your advanced system clean to rewind time.

Simplify Management and Deployment
Managing your security from Sophos Central means you
no longer have to install or deploy servers to secure your
endpoints. Sophos Central provides default policies and
recommended configurations to ensure that you get the
most effective protection from day one.

Intercept X Tech Specs:

Intercept X is available for devices running Windows 7 and above, 32- or 64-bit operating systems. Intercept X is designed to augment your existing endpoint security or antivirus software, giving you next-generation anti-exploit, anti-ransomware, root cause analysis, and advanced system cleaning technology. It can also be used in conjunction with Sophos Endpoint Protection Advanced.

Intercept X and Endpoint Protection Advanced are both managed by our unified console, Sophos Central. No servers to build-just log in to download the agent and configure all your policies from one place.

INTERCEPT X

ENDPOINT ADVANCED + INTERCEPT X

Before It Reaches Device

Web Security

Download Reputation

Web Control / Category-based URL Blocking

Device Control (e.g., USB)

Application Control

Browser Exploit Prevention

Before It Runs on Device

Anti-Malware File Scanning

Live Protection

Pre-execution Behavior Analysis / HIPS

Potentially Unwanted Application (PUA) Blocking

Exploit Prevention

Stop Running Threat

Runtime Behavior Analysis / HIPS

Malicious Traffic Detection (MTD)

CryptoGuard Ransomware Protection

Investigate and Remove

Automated Malware Removal

Synchronized Security Heartbeat

Root Cause Analysis

Sophos Clean

Existing Sophos Endpoint Protection customers using Enterprise Console or UTM to manage their endpoints must switch their endpoints to be managed by Sophos Central. See http://www.sophos.com/migrate for more info.